package com.atguigu.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/hello")
public class BeyCotroller {
    @RequestMapping("/add")
    @PreAuthorize("hasAuthority('add')")//表示用户必须拥有add权限
    public String add() {
        System.out.println("add....");
        return "success";
    }

    @RequestMapping("/update")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public  String  update() {
        System.out.println("update");
        return "update";

    }
    @RequestMapping("/delete")
    @PreAuthorize("hasRole('ABC')")
    public  String delete(){
        System.out.println("delete");
        return "delete";
    }


}
